On Wed, 13 Mar 2002, Stephane Bortzmeyer wrote:
> On Wed, Mar 13, 2002 at 10:38:53AM -0800,
> Jeremy C. Reed <[EMAIL PROTECTED]> wrote
> a message of 37 lines which said:
>
> > You shouldn't have to setup a firewall as a workaround either. If your NIC
> > card is configured for a particular IP and you want to stop it, then
> > simply unplugging the ethernet cable should do it.
>
> No Unix work that way.
RFC 1122: strong ES model. (His problem is Linux's weak "End
System" model.)
For example, FreeBSD offers sysctl (net.inet.ip.check_interface) for
verifying that an incoming packet arrives on an interface that has an
address matching the packet's destination address.
I know other Unixes also offer this. I assume that a patch is available
for Linux kernel to also provide this.
Jeremy C. Reed
.......................................................
ISP-FAQ.com -- find answers to your questions
http://www.isp-faq.com/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
